PHP.Invision.Power.Board.Multiple.XSS
Description
It indicates an attacker is attempting a Cross Site Scripting attack against Invision Power Board. Multiple vulnerabilities exist in Invision Power Services that could lead to the execution of arbitrary code because of a lack of input validation in the "c", "showtopic", "f", "showuser", and "username" parameters.
Affected Products
Invision Power Services Invision Board 1.3 Final
Impact
Compromise of the affected system.
Recommended Actions
Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |